The download mirror server for HandBrake, a video converting tool, was recently compromised to distribute a RAT to Mac computers. Security alerts were posted on the firm's website, announcing that between Tuesday and Saturday of last week Mac users may have downloaded compromised software. HandBrake suggests all users verify any downloads before running them.

Many popular browsers and antivirus programs have weaknesses, recently reported by Project Zero. Natalie Silvanovich, former security researcher at BlackBerry, leaked the story via Twitter over the weekend.

Since October of 2013 more than $1.6 billion has been scammed from American firms. All states have been affected, and there does not seem to be any observable trend in the specific type of firms targeted.

IBM’s X-Force security team have confirmed the existence of a new TrickBot malware program that has been attacking business banking accounts. Many incidents have been seen in the UK, Australia, and other advanced economies that have many private banks and wealth management firms.

OSX.Dok, a new Mac malware that can spy on a victim's web traffic, has been observed on all versions of OS. The virus is still capable of avoiding detection by VirusTotal and until recently was associated with a certified Apple developer that is authenticated by Apple. Apple has since revoked the certification.

IBM has directed all customers that have purchased any USB flash drives with the Storwize installation tool to destroy the product, as they likely contain an unspecified malware code. The devices include any flash drives utilizing the V3500, V3700, and V5000 Gen 1 systems.

Wellington’s Victoria University appears to have been hacked, potentially leaving the sensitive information of both students and staff available to cybercriminals. The National Cyber Security Centre and other security consultants have begun to assess the extent of the damage done, but recommend that all who may have been affected immediately revise their passwords.

WikiLeaks released what is being called the entire hacking capacity of the CIA in a large data dump on Tuesday. The 8,761 documents included in ‘Vault 7’ were acquired from a ‘high-security’ CIA network from the Center of Cyber Intelligence in Virginia. The group of data had been “circulated among former U.S. government hackers and contractors,” and was released to WikiLeaks by one of these contractors.

Wiper malware has made a huge comeback since its 2012 debut, attacking several targets on multiple continents. Security experts worry over the malware’s past, citing the Shamoon attack against Saudi Aramco which resulted in the loss of 30,000 workstations and their data. “Dark Seoul Gang” have more recently used the software to attack South Korean bank hard drives and facilities maintaining broadcasting and financial services.

“Unpatched zero-day vulnerability used to gain remote access to devices”

Currently being advertised in one of the leading underground markets, the RAT Proton was found on a cloned Russian cybercrime message board. Sixgill researchers report that it is being offered for two bitcoins, or roughly $2,500 for single installations, a cause for concern among those that use MacOS products.

Bypassing the complicated management and monitoring of private servers isn’t the only plus to a cloud service application. The sheer scale of cloud-based mail providers, such as Office 365, gives them the capability to prevent advanced malware and phishing attempts and makes such attempts easier to spot, along with other protections.

The inevitable attack from ransomware organizations occurred over the last week, most recently with a data wipe from the databases of MongoDB and Elasticsearch clusters. Hadoop and CouchDB are also experiencing similar attacks.

An antiquated strain of malware, ‘Quimitchin’, has been discovered by Malwarebytes after unusual outgoing traffic from an outdated Mac operating system was spotted by an IT admin. The research team commented that it has been “in existence, undetected, for some time.”

A new Forcepoint report indicates that operators of Carbanak have implemented a new system that allows the cyber-criminals to deliver commands to computers that have suffered from the infection. The infection often spreads through unprotected Google Spreadsheets and Google Forms.

Two new surveys of IT experts show that malicious software is on the hotlist for researchers. A Ponemon Institute study on behalf of IBM and Arxan found that nearly 84% of IT security practitioners believe that mobile applications are vulnerable to malware threats. IoT application researchers share the concerns at 66%, although at a lower rate.

Big items to consider: New information released on the Hyatt data breach shows that 250 hotels worldwide and 100 US hotels were infected with the point of sale malware from July all the way to December 2015. Updates on the Mac Gatekeeper vulnerability show that it is still an ongoing threat to Macs because of how easy the malware workaround is. An EU court ruling declared that employees’ private messages can be accessed and read by the employer completely legally. Lastly, a blog post written by Brian Krebs illustrated the threat that ransomware poses to cloud services and to those who hold all their information in the cloud.

Hyatt said Thursday that it found malicious software in about 250 of its hotels that may have exposed customers’ credit- and debit-card numbers and other information to hackers. It’s the first time the hotel operator has listed the hotels affected since it announced it found malware at its hotels in December. Hyatt said the malware was found at many of its brands, including the Park Hyatt, Hyatt Regency and Andaz. About 100 of the hotels affected were in the U.S. The rest were abroad in cities including London, Paris and Shanghai.

In September, Ars reported a drop-dead simple exploit that completely bypassed an OS X security feature known as Gatekeeper. Apple shipped a fix, but now the security researcher who discovered the original vulnerability said he found an equally obvious work-around. Patrick Wardle said the security fix consisted of blacklisting a small number of known files he privately reported to Apple that could be repackaged to install malicious software on Macs, even when Gatekeeper is set to its most restrictive setting. Wardle was able to revive his attack with little effort by finding a new Apple trusted file that hadn’t been blocked by the Apple update.

Employers in the European Union can read employees’ private messages sent via online chat and webmail accounts during working hours, EU judges have ruled. The European Court of Human Rights (ECHR) said that a Romanian employer firm that read a worker’s Yahoo Messenger chats sent while he was at work was within its rights. According to the BBC, the employee, an engineer, “had hoped the court would rule that his employer had breached his right to confidential correspondence when it accessed his messages and subsequently sacked him in 2007.”

Ransomware — malicious software that encrypts the victim’s files and holds them hostage unless and until the victim pays a ransom in Bitcoin — has emerged as a potent and increasingly common threat online. But many Internet users are unaware that ransomware also can just as easily seize control over files stored on cloud services. More importantly, the malware that scrambled their files, a strain of ransomware called TeslaCrypt, contained a coding weakness that has allowed security and antivirus firms to help victims decrypt the files without paying the ransom. Users over at the computer help forum BleepingComputer have created TeslaDecoder, which allows victims to decrypt files locked by TeslaCrypt.
